From owner-freebsd-ipfw Thu Jun 27 11:59:22 2002 Delivered-To: freebsd-ipfw@freebsd.org Received: from iguana.icir.org (iguana.icir.org [192.150.187.36]) by hub.freebsd.org (Postfix) with ESMTP id BC57337B408 for ; Thu, 27 Jun 2002 11:59:06 -0700 (PDT) Received: (from rizzo@localhost) by iguana.icir.org (8.11.6/8.11.3) id g5RIvnJ50848; Thu, 27 Jun 2002 11:57:49 -0700 (PDT) (envelope-from rizzo) Date: Thu, 27 Jun 2002 11:57:49 -0700 From: Luigi Rizzo To: jaime@snowmoon.com Cc: freebsd-ipfw@FreeBSD.ORG Subject: Re: ipfw fwd and bridging Message-ID: <20020627115749.B50351@iguana.icir.org> References: <20020627104301.A50086@iguana.icir.org> <20020627144549.X7490-100000@malkav.snowmoon.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <20020627144549.X7490-100000@malkav.snowmoon.com>; from jaime@snowmoon.com on Thu, Jun 27, 2002 at 02:46:52PM -0400 Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Thu, Jun 27, 2002 at 02:46:52PM -0400, jaime@snowmoon.com wrote: > On Thu, 27 Jun 2002, Luigi Rizzo wrote: > > On Thu, Jun 27, 2002 at 01:12:01PM -0400, Jaime wrote: > > > any to any 80" to work the way that I expected. The man page seems to > > > indicate that fwd and bridge are incompatible. Is this true? > > > > yes. > > How about divert and bridge? I saw no mention of bridge in the incompatible as well. The new firewall code enforces this better (it will also make it easier to implement divert or forward or nat or tunneling of layer2 or layer3 packets, but none of this is implemented now). > divert manpage. Will an ipfw divert rule, a natd process, and bridging > work together on the same box? well, this is a different story. You _can_ have these things work together, but you have to write the rules in the right way. cheers luigi To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message